Sheogorath on Nostr: so the categories of your risk profile are the same: - password stuffing, - ...
so the categories of your risk profile are the same:
- password stuffing,
- unauthorised access for files
- arbitrary code execution due to a vulnerability
- …
What you do control with VPN vs Reverse Proxy is the amount of people able to execute these attacks. Any automated scanner vs. devices on the VPN (these can also be compromised).
What you want to do is decide the risk Jellyfin poses to you when it's successfully attacked and take steps to isolate jellyfin.
Published at
2024-06-16 10:02:10Event JSON
{
"id": "a817a16dc4f28b45d64a0365e2cafca71353d482538658306bd6c38bf536b420",
"pubkey": "48ed96a072cb386c2f704daeac1d2a1ed203ee5628ffc4f1832f243739b86d4f",
"created_at": 1718532130,
"kind": 1,
"tags": [
[
"proxy",
"https://microblog.shivering-isles.com/@sheogorath/112625721709934198",
"web"
],
[
"p",
"fe542d9fd7425981f91d9f9e26aa75a3abc5f2f400f01279167b8f54a4a88e88"
],
[
"e",
"6221829a9de49813aa53c599d522bc1b628b35d529d0c00900bae10c1728e115",
"",
"root"
],
[
"proxy",
"https://microblog.shivering-isles.com/users/sheogorath/statuses/112625721709934198",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://microblog.shivering-isles.com/users/sheogorath/statuses/112625721709934198",
"pink.momostr"
]
],
"content": "so the categories of your risk profile are the same:\n- password stuffing,\n- unauthorised access for files\n- arbitrary code execution due to a vulnerability\n- …\n\nWhat you do control with VPN vs Reverse Proxy is the amount of people able to execute these attacks. Any automated scanner vs. devices on the VPN (these can also be compromised).\n\nWhat you want to do is decide the risk Jellyfin poses to you when it's successfully attacked and take steps to isolate jellyfin.",
"sig": "29392abbf8e148cfc9eb373364fe970e5ab16f9be3e4ed76fe5956eb26072dad67b26cf13bf08f6f23ce14e4aa85dcb12cab05401071288bb31c0ba73d1ec4da"
}
